San Francisco - The Electronic Frontier Foundation (EFF) told a congressional committee today that the government's illegal dragnet electronic surveillance opens the door to even more privacy violations for ordinary Americans.

The sheer volume of personal information collected and the databases in which that information is stored create a giant target for attackers who want to steal or expose Americans' personal data. In a response to questions asked of EFF by the House Committee on Energy and Commerce, EFF Legal Director Cindy Cohn explained in comments submitted Friday that an increase in the number of databases introduces more points of vulnerability into the system, putting sensitive personal information from millions of people at risk.

"We have all heard about security problems with government databases. A report from the Department of Homeland Security found 477 breaches in 2006 alone," said Cohn. "The warrantless domestic surveillance going on now isn't just illegal -- it could expose your personal information to thieves and criminals."

The committee asked EFF for input as part of its review of the Protect America Act, deeply flawed legislation that broadly expanded the National Security Agency's authority to spy on Americans without warrants. Next week, the House is set to vote on the RESTORE Act, a bill designed restore the civil liberties lost under the previous law.

Since the committee had also sent a list of key questions to AT&T and the other major telecommunications firms about their involvement in illegal surveillance activities, EFF provided the committee information about the Hepting v. AT&T lawsuit. EFF represents the plaintiffs in this class-action lawsuit brought by AT&T customers, accusing the telecommunications company of violating their rights by illegally assisting the NSA's domestic surveillance. The Hepting case is just one of many suits aimed at holding telecoms responsible for knowingly violating federal privacy laws with warrantless wiretapping and the illegal transfer of vast amounts of personal data to the government.

EFF also provided the committee with a legal analysis of the use of so-called "exigent letters" by the government to obtain information about Americans and about their "communities of interest," two topics also raised by the committee in its letters to the telecommunications carriers. EFF's Freedom of Information Act (FOIA) work uncovered this illegal broadening of surveillance authority.

"We're pleased that the committee is interested in obtaining answers from the leading telecommunications carriers about whether they have been following the privacy laws protecting their customers' communications. Congressional oversight of the telecommunications companies' activities is long overdue," said Cohn.

For EFF's full comments to the House Committee on Energy and Commerce:

Related Updates

Hiperderecho, the leading digital rights organization in Peru, in collaboration with the Electronic Frontier Foundation, today launched its second ¿Quien Defiende Tus Datos? (Who Defends Your Data?), an evaluation of the privacy practices of the Internet Service Providers (ISPs) that millions of Peruvians use every day. This year's...

The California Consumer Privacy Act (CCPA) requires the California Attorney General to take input from the public on regulations to implement the law, which does not go into effect until 2020. The Electronic Frontier Foundation has filed comments on two issues: first, how to verify consumer requests to companies for...

Ever since the Cambridge Analytica scandal last summer, consumer data privacy has been a hot topic in Congress. The witness table has been dominated by the biggest platforms, with those in lockstep with the tech giants earning the vast majority of attention. However, this week marked the first time that...

We urged the Florida Supreme Court yesterday to review a closely-watched lawsuit to clarify the due process rights of defendants identified by facial recognition algorithms used by law enforcement. Specifically, we told the court that when facial recognition is secretly used on people later charged with a crime, those...

In his latest announcement, Facebook CEO Mark Zuckerberg embraces privacy and security fundamentals like end-to-end encrypted messaging. But announcing a plan is one thing. Implementing it is entirely another. And for those reading between the lines of Zuckerberg’s pivot-to-privacy manifesto, it’s clear that this isn’t just about privacy. It’s...

In back-to-back hearings last week, the House and the Senate discussed what, if anything, Congress should do about online privacy. Sounds fine—until you see who they invited. Congress should be seeking out multiple, diverse perspectives. But last week, both chambers largely invited industry advocates, eager to...

San Francisco - Technology is supposed to make our lives better, yet many big companies have products with big security and privacy holes that disrespect user control and put us all at risk. The Electronic Frontier Foundation (EFF) is launching a new project called “Fix It Already!” demanding repair...

Today we are announcing Fix It Already, a new way to show companies we're serious about the big security and privacy issues they need to fix. We are demanding fixes for different issues from nine tech companies and platforms, targeting social media companies, operating systems, and enterprise platforms on...

Update, 2:35 p.m.: The coalition of groups behind Privacy for All has grown since time of publishing. This update reflects the latest count. Privacy is a right. It is past time for California to ensure that the companies using secretive practices to make money off of our personal information treat...